Loading doc/ssl/SSL_CTX_set_cipher_list.pod +1 −1 Original line number Diff line number Diff line Loading @@ -41,7 +41,7 @@ RSA export ciphers with a keylength of 512 bits for the RSA key require a temporary 512 bit RSA key, as typically the supplied key has a length of 1024 bit (see L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>). RSA ciphers using EDH need a certificate and key and additional DH-parameters RSA ciphers using DHE need a certificate and key and additional DH-parameters (see L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>). A DSA cipher can only be chosen, when a DSA certificate is available. Loading doc/ssl/SSL_CTX_set_options.pod +1 −1 Original line number Diff line number Diff line Loading @@ -159,7 +159,7 @@ can only be used for signature operations (namely under export ciphers with restricted RSA keylength). By setting this option, ephemeral RSA keys are always used. This option breaks compatibility with the SSL/TLS specifications and may lead to interoperability problems with clients and should therefore never be used. Ciphers with EDH (ephemeral clients and should therefore never be used. Ciphers with DHE (ephemeral Diffie-Hellman) key exchange should be used instead. =item SSL_OP_CIPHER_SERVER_PREFERENCE Loading doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod +1 −1 Original line number Diff line number Diff line Loading @@ -70,7 +70,7 @@ the TLS standard, when the RSA key can be used for signing only, that is for export ciphers. Using ephemeral RSA key exchange for other purposes violates the standard and can break interoperability with clients. It is therefore strongly recommended to not use ephemeral RSA key exchange and use EDH (Ephemeral Diffie-Hellman) key exchange instead exchange and use DHE (Ephemeral Diffie-Hellman) key exchange instead in order to achieve forward secrecy (see L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>). Loading Loading
doc/ssl/SSL_CTX_set_cipher_list.pod +1 −1 Original line number Diff line number Diff line Loading @@ -41,7 +41,7 @@ RSA export ciphers with a keylength of 512 bits for the RSA key require a temporary 512 bit RSA key, as typically the supplied key has a length of 1024 bit (see L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>). RSA ciphers using EDH need a certificate and key and additional DH-parameters RSA ciphers using DHE need a certificate and key and additional DH-parameters (see L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>). A DSA cipher can only be chosen, when a DSA certificate is available. Loading
doc/ssl/SSL_CTX_set_options.pod +1 −1 Original line number Diff line number Diff line Loading @@ -159,7 +159,7 @@ can only be used for signature operations (namely under export ciphers with restricted RSA keylength). By setting this option, ephemeral RSA keys are always used. This option breaks compatibility with the SSL/TLS specifications and may lead to interoperability problems with clients and should therefore never be used. Ciphers with EDH (ephemeral clients and should therefore never be used. Ciphers with DHE (ephemeral Diffie-Hellman) key exchange should be used instead. =item SSL_OP_CIPHER_SERVER_PREFERENCE Loading
doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod +1 −1 Original line number Diff line number Diff line Loading @@ -70,7 +70,7 @@ the TLS standard, when the RSA key can be used for signing only, that is for export ciphers. Using ephemeral RSA key exchange for other purposes violates the standard and can break interoperability with clients. It is therefore strongly recommended to not use ephemeral RSA key exchange and use EDH (Ephemeral Diffie-Hellman) key exchange instead exchange and use DHE (Ephemeral Diffie-Hellman) key exchange instead in order to achieve forward secrecy (see L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>). Loading
